cPanel is a nightmare when it comes to PCI compliance, I found out. I've been working on this for the last 2 weeks with no success.
cPanel support recommended a change to the latest CURRENT build for the apparent compatible version, but no - it doesn't seem like it.
After an update to the latest CURRENT cPanel, we fail the OpenSSL version test. I installed the latest OpenSSL manually but still fail.
[root@sm1 ~]# rpm -qa | grep openssl
openssl096b-0.9.6b-22.46
openssl-devel-0.9.7a-43.17.el4_6.1
openssl-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
[root@sm1 ~]#
[root@sm1 ~]# openssl version
OpenSSL 0.9.8i 15 Sep 2008
[root@sm1 ~]#
Also a NEW exim problem now:
The remote host is running a version of the Exim MTA which is vulnerable to several remote buffer overflows. Specifically, if either 'headers_check_syntax' or 'sender_verify = true' is in the exim.conf file, then a remote attacker may be able to execute a classic stack-based overflow and gain inappropriate access to the machine.
*** If you are running checks with safe_checks enabled, this may be a false positive as only banners were used to assess the risk! ***
It is known that Exim 3.35 and 4.32 are vulnerable.
Solution: Upgrade to Exim latest version
Risk Factor: High
Our exim is the latest version...
Anybody had these problems with their cPanel servers? How helpful were the cPanel support team to you in getting these resolved?